1. In the Essentials 2007 console, click the Authoring button.

2. In the Authoring pane, expand Authoring, expand Management Pack Objects, and then click Monitors.

3. Click Change Scope.

4. In the Scope Management Packs Objects by target(s) dialog box, in the Look for text box, type Windows Computer, select the Windows Computer target check box, and then click OK.

5. In the Monitors pane, expand Windows Computer, expand Entity Health, right-click Availability, point to Create a monitor, and then click Unit Monitor.

6. In the Create Monitor Wizard, on the Select a Monitor Type page, expand Log Files, expand Text Log, expand Simple Event Detection, click Event Reset, and then click Next.

   Note
   You can either select a Management Pack from the Select destination management pack list or create a new unsealed Management Pack by clicking New.

7. On the General Properties page, in the Name box, type a name for the unit monitor, and then as an option, you can type a description.

8. In the Parent monitor list, click the appropriate parent monitor, and then click Next.

9. On the Application Log Data Source page (for the First Generic Log), under Define the application log data source, in the Directory box, type a path to where the log files are located.

10. In the Pattern text box, type a pattern string to select log files, select UTF8 if applicable, and then click Next.

11. On the Build Event Expression page (for the First Generic Log),click Insert and then do the following:

    1. Under Parameter Name (on the left), type Params/Param[1].
       
       
    2. Under Operator, click one of the operators.
       
       
    3. Under Value (on the right), type an expression to be searched for.
       
       
    4. Click Next.
       
       

12. On the Application Log Data Source page (for the Second Generic Log), under Define the application log data source, in the Directory box, type a path to where the log files are located.

13. In the Pattern text box, type a pattern string to select log files, select UTF8 if applicable, and then click Next.

14. On the Build Event Expression page (for the Second Generic Log), click Insert and then do the following:

    1. Under Parameter Name (on the left), type Params/Param[1].
       
       
    2. Under Operator, click one of the operators.
       
       
    3. Under Value (on the right), type an expression to be searched for.
       
       
    4. Click Next.
       
       

15. On the Configure Health page:

    1. For the SecondEventRaised row, click the name in the Operational State column and type a display name for this condition. Click health state in the Health State column, and then click Critical, Warning, or Healthy.
       
       
    2. For the FirstEventRaised row, click the name in the Operational State column and type a display name for this condition. Click health state in the Health State column, and then click Critical, Warning, or Healthy.
       
       

       Note
       One of the two events must be configured to set the health state to Success.

    3. Click Next.
       
       

16. On the Configure Alerts page, set the properties of the alert, and then click Create.

Other Resources